[148344] in cryptography@c2.net mail archive

Re: [Cryptography] Kindle as crypto hardware

daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Wed Dec 4 13:25:39 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20131204160242.GB19914@thunk.org>
Date: Wed, 4 Dec 2013 11:19:26 -0500
From: Phillip Hallam-Baker <hallam@gmail.com>
To: "Theodore Ts'o" <tytso@mit.edu>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Wed, Dec 4, 2013 at 11:02 AM, Theodore Ts'o <tytso@mit.edu> wrote:

> On Wed, Dec 04, 2013 at 10:40:25AM -0500, Phillip Hallam-Baker wrote:
>
> (BTW, my quick pricing of a Raspberry Pi with a display is not cheaper
> than an Arduino, but your mileage may vary.)


The Pi has HDMI out so it can hook into an existing display so depending on
the application it is a wash. It also has the random number generator and
the operating system boots from SD card which I find more comforting than
loading up a black box via USB.


> One other nice thing about using your own kit version is that it's
> simpler to do certified destruction of only the components that might
> contain keying information, and be able to reuse the rest.  It's also
> probably easier to create a tamper-proof enclosure with an Arduino
> style device compared to using a Kindle.
>

Yes, there are some applications for which this is essential. Generating EC
curves for example.

But as I showed in a previous post, there are techniques that we can use
that allow us to audit the operation of a device without performing a full
code audit.

Basically we use that NSA DUAL_EC_DRNG with a backdoor for the purpose it
was probably originally designed, which is to enable the devices to be
audited by making their behavior deterministic.


So I don't dispute that we will want to use Arduino or Pi class hardware
for some purposes. But there are other options available as well.

-- 
Website: http://hallambaker.com/

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography